There is a default virtualhost in webmin, the directives seems to same as the file ssl.conf. It seems it processes all requests on port 443 not handled by other virtual servers.
I tried to change the .crt and .key to my custom .crt and .key by changing the two lines
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A new
# certificate can be generated using the genkey(1) command.
#SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateFile /var/www/html/server.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
#SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
SSLCertificateKeyFile /var/www/html/server.key
but there are errors after I click "apply changes" in webmin
Some of your private key files are encrypted for security reasons. In
order to read them you have to provide the pass phrases.Server 6313213113.static.ctinets.com:443 (RSA) Enter pass
phrase:Apache:mod_ssl:Error: Private key not found.
How do I solve this problem?
* Update *
<VirtualHost 172.16.1.99:443>
SSLEngine on
SSLCertificateFile /var/www/html/server.crt
SSLCertificateKeyFile /var/www/html/server.key
DocumentRoot /var/www/html
ServerName www.domain.com:443
DirectoryIndex index.php index.html index.htm index.shtml
LogLevel debug
HostNameLookups off
#DefaultLanguage zh-cn
AddLanguage en .en
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw
AddDefaultCharset UTF-8
AddCharset GB2312 .gb2312 .gb
AddCharset utf-8 .utf8
AddCharset big5 .big5 .b5
UseCanonicalName off
php_value memory_limit 32M
</VirtualHost>
after i config about to httpd.conf
when i access http://www.domain.com:443 is accessable, but when i access https://www.domain.com, it can be accessable…….., what is the problem?
Best Answer
The private key file is itself encrypted with a passphrase. You need to remove this encryption so that Apache can load it without you typing the passphrase in manually.
You can use
openssl
to do this: